npm package
datatables.net
pkg:npm/datatables.net
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23445 | — | < 1.11.3 | 1.11.3 | Sep 27, 2021 | This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped. | ||
| CVE-2020-28458 | — | < 1.10.22 | 1.10.22 | Dec 16, 2020 | All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. |
- CVE-2021-23445Sep 27, 2021affected < 1.11.3fixed 1.11.3
This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.
- CVE-2020-28458Dec 16, 2020affected < 1.10.22fixed 1.10.22
All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.